Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

CVE
CVEadded 2026/04/09 2:25 a.m.7 views

CVE-2026-3568

CVE-2026-3568 affects the WordPress MStore API plugin up to version 4.18.3. The root cause is in update_user_profile() processing the raw JSON field 'meta_data' without validation, allowlisting, or sanitization, and then applying arbitrary keys/values to update_user_meta() after cookie-based auth...

4.3CVSS6AI score0.00042EPSS
Exploits0References8
SUSE CVE
SUSE CVEadded 2023/02/15 4:30 a.m.4 views

SUSE CVE-2018-6574

Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked...

7.8CVSS7.7AI score0.36789EPSS
Exploits4References3
BDU FSTEC
BDU FSTECadded 2019/03/06 12:0 a.m.0 views

The vulnerability of the “go get” implementation in the Go programming package allows a perpetrator to execute the “go get” command remotely.

The vulnerability of the “go get” command in the Golang programming language is related to the absence of blocking of arguments -fplugin= and -plugin= during the compilation of source code using GCC or Clang plugin functions. Exploiting this vulnerability allows a remote attacker to execute the “...

9.8CVSS7AI score0.36789EPSS
Exploits4References6Affected Software4
Rows per page
Query Builder